Orleans Clustering - Azure Table Storage¶
Overview¶
Azure Table Storage clustering enables Orleans silos to discover each other and form a cluster using Azure Table Storage as the membership table. This is ideal for Azure-hosted applications and supports both connection string and managed identity authentication.
Configuration¶
Connection String Authentication¶
{
"Orleans": {
"ClusteringSettings": {
"ProviderType": "AzureTableStorage",
"AzureTableStorage": {
"ConnectionString": "DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=mykey;EndpointSuffix=core.windows.net",
"TableName": "OrleansMembershipTable",
"UseManagedIdentity": false
}
}
}
}
Managed Identity Authentication¶
For Azure-hosted applications, managed identity provides passwordless authentication:
{
"Orleans": {
"ClusteringSettings": {
"ProviderType": "AzureTableStorage",
"AzureTableStorage": {
"ConnectionString": null,
"TableName": "OrleansMembershipTable",
"UseManagedIdentity": true,
"ManagedIdentityClientId": "client-id-here"
}
}
}
}
Note: ManagedIdentityClientId is optional and only required when using user-assigned managed identity. For system-assigned managed identity, omit this property.
Setup Instructions¶
1. Create Azure Storage Account¶
- Navigate to Azure Portal
- Create a new Storage Account
- Note the account name and connection string (or configure managed identity)
2. Configure Managed Identity (Recommended for Production)¶
For Azure App Service, Azure Container Apps, or Azure VMs:
- Enable system-assigned managed identity in the Azure resource
- Grant the managed identity the "Storage Table Data Contributor" role on the storage account
- Configure
UseManagedIdentity: truein appsettings.json
For user-assigned managed identity:
- Create a user-assigned managed identity
- Assign it to your Azure resource
- Grant the "Storage Table Data Contributor" role
- Configure
UseManagedIdentity: trueandManagedIdentityClientId: "your-client-id"
3. Table Creation¶
The membership table is automatically created on first use. The default table name is OrleansMembershipTable, but you can customize it via the TableName property.
Configuration Options¶
| Property | Type | Required | Default | Description |
|---|---|---|---|---|
ConnectionString |
string | Conditional | null | Azure Storage connection string. Required if UseManagedIdentity is false. |
TableName |
string | No | "OrleansMembershipTable" | Name of the Azure Table Storage table for clustering |
UseManagedIdentity |
bool | No | false | Whether to use managed identity for authentication |
ManagedIdentityClientId |
string | No | null | Client ID for user-assigned managed identity (optional) |
Validation¶
The configuration is validated at startup:
- If UseManagedIdentity is false, ConnectionString must be provided
- TableName must not be empty when using managed identity
Health Checks¶
The template includes OrleansAzureTableStorageClusteringHealthCheck which verifies:
- Connectivity to Azure Table Storage
- Table existence and accessibility
- Authentication (connection string or managed identity)
Troubleshooting¶
Common Issues¶
- Authentication Failed
- Verify connection string is correct
- For managed identity, ensure the identity has "Storage Table Data Contributor" role
-
Check that the storage account is accessible from your application
-
Table Not Found
- The table is created automatically on first use
- Verify the table name is correct
-
Check storage account permissions
-
Connection Timeout
- Verify network connectivity to Azure Storage
- Check firewall rules on the storage account
- Ensure the storage account endpoint is accessible
Best Practices¶
- Use managed identity for production deployments
- Use separate storage accounts for different environments (dev, staging, prod)
- Monitor table storage capacity and performance
- Configure appropriate retention policies for table data
- Use connection string only for local development